Attachment #200976 for bug #234772

View | Details | Raw Unified | Return to bug 234772
Collapse All | Expand All




--- configure.ac.orig	2016-12-30 13:01:28 UTC
+++ configure.ac
@@ -138,12 +138,12 @@ fi
 AH_TEMPLATE(HAVE_X509_PRINT_EX_FP, [open ssl X509_print_ex_fp available])
 if test "x$with_ssl" != "xno"; then
 	if test "x$HAVE_LIBCRYPTO" = "xtrue"; then
-		AC_CHECK_LIB(ssl, SSL_library_init,
+		AC_CHECK_LIB(ssl, SSL_free,
 			SSL_LIBS="-lssl -lcrypto"
 			[AC_DEFINE(HAVE_LIBSSL) HAVE_LIBSSL="true"], ,
 			-lcrypto)
 	else
-		AC_CHECK_LIB(ssl, SSL_library_init,
+		AC_CHECK_LIB(ssl, SSL_free,
 			SSL_LIBS="-lssl"
 			[AC_DEFINE(HAVE_LIBSSL) HAVE_LIBSSL="true"], ,)
 	fi

Line 0 Link Here

(-)files/patch-rfbssl_openssl.c (+11 lines)
	1	--- libvncserver/rfbssl_openssl.c.orig 2016-12-30 13:01:28 UTC
	2	+++ libvncserver/rfbssl_openssl.c
	3	@@ -56,7 +56,7 @@ int rfbssl_init(rfbClientPtr cl)
	4	rfbErr("OOM\n");
	5	} else if (!cl->screen->sslcertfile \|\| !cl->screen->sslcertfile[0]) {
	6	rfbErr("SSL connection but no cert specified\n");
	7	- } else if (NULL == (ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method()))) {
	8	+ } else if (NULL == (ctx->ssl_ctx = SSL_CTX_new(TLS_server_method()))) {
	9	rfbssl_error();
	10	} else if (SSL_CTX_use_PrivateKey_file(ctx->ssl_ctx, keyfile, SSL_FILETYPE_PEM) <= 0) {
	11	rfbErr("Unable to load private key file %s\n", keyfile);




--- libvncclient/tls_openssl.c.orig	2016-12-30 13:01:28 UTC
+++ libvncclient/tls_openssl.c
@@ -189,7 +189,7 @@ ssl_verify (int ok, X509_STORE_CTX *ctx)
 
   ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx ());
 
-  client = SSL_CTX_get_app_data (ssl->ctx);
+  client = SSL_CTX_get_app_data ( SSL_get_SSL_CTX (ssl) );
 
   cert = X509_STORE_CTX_get_current_cert (ctx);
   err = X509_STORE_CTX_get_error (ctx);
@@ -288,8 +288,7 @@ open_ssl_connection (rfbClient *client, 
       if (wait_for_data(ssl, n, 1) != 1) 
       {
         finished = 1; 
-        if (ssl->ctx)
-          SSL_CTX_free (ssl->ctx);
+        /* SSL_free does call SSL_CTX_free */
         SSL_free(ssl);
         SSL_shutdown (ssl);
 

Return to bug 234772

Line 0 Link Here

(-)files/patch-configure.ac (+17 lines)
	1	--- configure.ac.orig 2016-12-30 13:01:28 UTC
	2	+++ configure.ac
	3	@@ -138,12 +138,12 @@ fi
	4	AH_TEMPLATE(HAVE_X509_PRINT_EX_FP, [open ssl X509_print_ex_fp available])
	5	if test "x$with_ssl" != "xno"; then
	6	if test "x$HAVE_LIBCRYPTO" = "xtrue"; then
	7	- AC_CHECK_LIB(ssl, SSL_library_init,
	8	+ AC_CHECK_LIB(ssl, SSL_free,
	9	SSL_LIBS="-lssl -lcrypto"
	10	[AC_DEFINE(HAVE_LIBSSL) HAVE_LIBSSL="true"], ,
	11	-lcrypto)
	12	else
	13	- AC_CHECK_LIB(ssl, SSL_library_init,
	14	+ AC_CHECK_LIB(ssl, SSL_free,
	15	SSL_LIBS="-lssl"
	16	[AC_DEFINE(HAVE_LIBSSL) HAVE_LIBSSL="true"], ,)
	17	fi

Line 0 Link Here

(-)files/patch-tls_openssl.c (+21 lines)
	1	--- libvncclient/tls_openssl.c.orig 2016-12-30 13:01:28 UTC
	2	+++ libvncclient/tls_openssl.c
	3	@@ -189,7 +189,7 @@ ssl_verify (int ok, X509_STORE_CTX *ctx)
	4
	5	ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx ());
	6
	7	- client = SSL_CTX_get_app_data (ssl->ctx);
	8	+ client = SSL_CTX_get_app_data ( SSL_get_SSL_CTX (ssl) );
	9
	10	cert = X509_STORE_CTX_get_current_cert (ctx);
	11	err = X509_STORE_CTX_get_error (ctx);
	12	@@ -288,8 +288,7 @@ open_ssl_connection (rfbClient *client,
	13	if (wait_for_data(ssl, n, 1) != 1)
	14	{
	15	finished = 1;
	16	- if (ssl->ctx)
	17	- SSL_CTX_free (ssl->ctx);
	18	+ /* SSL_free does call SSL_CTX_free */
	19	SSL_free(ssl);
	20	SSL_shutdown (ssl);
	21